Santosh, neither of those comments are technical discussions and I find them both passive aggressive and don't lead to productive discourse, so I will not post them.
-- Dick On 2010-06-08, at 7:35 PM, Santosh Rajan wrote: > I think you need to post whatever I say in public. Since I am getting banned, > or moderated or whatever, it is only fair that you must also publish my views > in public, in my own defence. > > 1) Is the OpenID board the "Gulag Archipelago"? > 2) Maybe i should be proud that I am "Alexander Solshenitsin" around here. > > > As a reminder, here are the guidelines for participating in the OpenID lists: > > Civility, cordiality, and being nice. In the course of any substantive > discourse, viewpoints can be expressed in a number of different ways, both > productive and counter-productive. The goal of discussion on the OpenID lists > need not always be to reach consensus but to enlighten or improve the > understanding of several different alternatives. As such, we encourage and > delight in rigorous discussion and debate, even if gets a bit heated. Ad > hominem attacks or flames (that is, those directed at a person, rather than > an idea) will not be tolerated and may result in a cooling off period or ban. > > If you think someone’s flaming you or being needlessly offensive, do take it > up with them in private e-mail. If they get abusive, discuss it with the list > administrators. Don’t take it onto the public list, or make a public > spectacle. > > The email below does not comply with the guidelines. This is a personal > attack on Eran and is not acceptable and an apology is warranted. > > Unfortunately, your account on OpenID lists will once again be moderated by > myself for at least 2 months. Moderation will be lifted if you have > demonstrated you are willing to consistently productively participate in > discussions. > > -- Dick > > On 2010-06-07, at 11:31 PM, Santosh Rajan wrote: > >> Sorry to say this. Even though you think the situation is "overblown", I >> think you have "really lost it", I think you have really gone "NUTS". I >> think your own suggestion in an earlier post that you would like to go >> australia, frankly, I thing, is a good idea and you should keep up with that >> promise. >> >> On Tue, Jun 8, 2010 at 10:47 AM, Eran Hammer-Lahav <[email protected]> >> wrote: >> >> >> > -----Original Message----- >> > From: [email protected] [mailto:openid-specs- >> > [email protected]] On Behalf Of John Panzer >> > Sent: Monday, June 07, 2010 9:47 PM >> >> > (Note that exactly the same issues arise when downloading extensions. JS >> > is >> > just a way of delivering always-latest-version extensions to your browser.) >> >> Only in this case, the user is in full control over what extensions are >> being installed and updated in its browser. >> >> If Google, Yahoo, Microsoft, and the rest of the companies supporting the >> OpenID effort deployed the server-side half of this proposal, and spent a >> little money on developing plug-ins for all the major browsers (with Google >> and Microsoft able to also include it in the next release of their browser), >> it will create the tipping point in getting some form of identity selector >> in the browser. >> >> It was one thing for the OpenID community of 3 years ago to hack the >> protocol around the limitations of that time. These arguments are just >> insincere when they come from Google, now that you have a pretty successful >> browser (especially considering its age) and massively huge web footprint to >> promote such a feature. >> >> At the end, until you no longer use a script hosted in a single server, >> whoever is in control of this server can do whatever they like. Yes, if they >> do something bad it will be noticed, but that's like putting a bag full of >> cash on a street corner with a video camera next to it. Add to that the >> wealth of information the xauth.org site operator can gather without >> anyone's knowledge, this becomes a scary proposition. >> >> Your entire argument is that my concerns are "overblown", but not that the >> basic premise is incorrect. XAuth uses a single web server which is the most >> essential part of the proposal. The fact that the data itself isn't stored >> on that server (say, in a cookie sent to it) is an improvement over using >> cookies to store this data, but not by much. >> >> If this was something like the gravatar service - maybe. But you are asking >> for blind trust in something that is core to web security and privacy. >> >> EHL >> _______________________________________________ >> specs mailing list >> [email protected] >> http://lists.openid.net/mailman/listinfo/openid-specs >> >> >> >> -- >> http://hi.im/santosh >> >> >> _______________________________________________ >> specs mailing list >> [email protected] >> http://lists.openid.net/mailman/listinfo/openid-specs > > > > > -- > http://hi.im/santosh > > > > > > -- > http://hi.im/santosh > >
_______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
